[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: CVS Security Issues
|
From: |
Greg A. Woods |
|
Subject: |
RE: CVS Security Issues |
|
Date: |
Mon, 22 Dec 2003 02:05:13 -0500 (EST) |
[ On Friday, December 19, 2003 at 18:04:42 (+0100), Walter, Jan wrote: ]
> Subject: RE: CVS Security Issues
>
> The only reason to put the passwords somewhere else is to prevent someone
> from accidentally checking it out and accidentally changing or deleting
> someone elses' password and checking the file back in. It's a support issue,
> not a security one, whether the user intended to change their password or
> someone elses' is another question entirely. But I think there is a 'gain'
> here by keeping the passwd file somewhere else where some git can't wipe all
> the users by accident and bring development to a grinding halt.
Sorry, but it _is_ a security issue. If accidents can cause problems
with data used for authentication or authorisation then the causes of
those accidents are security issues.
Furthermore since this only gives a false sense of security, the whole
idea of making the change is a major security issue in and of itself.
> On security, you have two types of security anyways: 1) protection against
> malicious people and 2) protection for your data from accidental damage,
> deletion, or whatever ("protecting users from themselves"). CVS is part of
> category 2, obviously with the support of backup systems and so on.
Of course.
> Pserver
> figures into category 2 because you prevent the users from accidentally
> working in the actual repository and doing stuff like deleting directories.
Nope. Pserver bypasses both types of security, even if the proposed
changes are made. Pserver is _negative_ security, by its very definition.
--
Greg A. Woods
+1 416 218-0098 VE3TCP RoboHack <address@hidden>
Planix, Inc. <address@hidden> Secrets of the Weird <address@hidden>